Important: Please read the Qt Code of Conduct - https://forum.qt.io/topic/113070/qt-code-of-conduct

anyone want to play with SNMP?



  • Hi all -

    I realize that this is about as un-Qt a topic as we could get, but...I'm running out of places to look, and there are lots of smart people who frequent this forum.

    I have a (non-Qt) embedded application that needs to talk to a server via SNMP. The requirement is excruciatingly simple - I just need to send a trap to the server whenever a particular event occurs on my embedded device.

    It's almost uncanny how little usable information I've been able to find on SNMP. The web is filled with companies who want to offer their management services, but any discussion of message transfers at the byte level is almost nonexistent.

    What I would LOVE is if someone could help me figure out what a trap message looks like -- not a high-level description, but a byte-by-byte example, perhaps even captured by Wireshark.

    I have no intention of implementing a full SNMP agent for this; I just want to send one (mostly pre-formatted) message.

    Thanks for any assistance...



  • Like most folks, my SNMP experience is with existing published MIBs and using them with commercial monitoring systems. I'd suggest looking up internet RFC documents related to SNMP. My specifying RFC you may actually find protocol information. I'm gonna be in a similar boat to you in the coming months. I need to control devices thru SNMP from an embedded board on a spacecraft and I too dont' want to implement a full blown SNMP server system. As this is "the lounge" non-Qt stuff should be fair game.



  • @Kent-Dorfman I've looked through the RFCs; they're borderline indecipherable. One Wireshark capture of a trap, with the fields decoded, would help more than all of them put together.

    I just have to say how amazed I am at the lack of information available on this topic. I can't even find a book that looks like it covers this.


  • Lifetime Qt Champion

    Hi @mzimmers,

    I guess the way to go is to set up net-snmp.org, get it compiling, inject your code and then compile your own SNMP server. There are some examples how to do this on http://www.net-snmp.org/wiki/index.php/Tutorials, however, you'll have to invest some time in that topic.

    As for books, there is "Essential SNMP, Second Edition". I think we have that at work too, but I'm not 100% sure.

    Regards



  • @aha_1980 I'm willing to do that if I have to, but I'm not sure how much good that will do. I need an example of a trap message, and can't find a resource that shows me one.

    I do have the book you mention on order; perhaps that will shed more light on this amazingly arcane subject.


  • Lifetime Qt Champion

    @mzimmers Yeah, I have the book; but it mostly covers the administrators view on the topic, not the programmers.

    However, it is a great overview over the technology, and will gain you more undestanding.

    Have you already seen http://www.net-snmp.org/wiki/index.php/TUT:snmptrap Probably that's already enough for your case?

    Regards



  • @mzimmers from the snmptrap tutorial link that @aha_1980 suggested, I guess you can follow it and use the snmptrap command to generate some sample traps that you can capture and analyze with Wireshark.

    In addition, you may want to look at the source code of such command, and you'll see some of the internals...

     pdu = snmp_pdu_create(SNMP_MSG_TRAP);
    


  • @aha_1980 the net-snmp page is useful but still doesn't give me the particulars of the message format that I need.

    @Pablo-J-Rogina good suggestion -- the source code helps, though the fields seem somewhat inconsistent with those on this page. I'll keep reading through it.


  • Banned

    This post is deleted!


  • Just to bring this to closure: I managed to obtain an example of an SNMP trap message, and after doing some byte-by-byte decoding, I figured out what each byte meant. Then I was able to modify (by hand) to get the trap configured for my application.

    For the morbidly curious, here's the code that defines the byte array, with copious annotations. T&L refer to type and length (from TLV). The encoding is some form of BER. Doesn't SNMP look fun?

    int Worker::sendTrap()
    {
        int rc = ESP_OK;
        // the byte array below forms a v1 trap
        const uint8_t trap[] = {
            0x30, // ASN.1 header
            0x45, // ***** length of remainder of packet
                0x02, 0x01, 0x00, // version v1
                0x04, 0x06, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, // community "public"
                0xa4, 0x38, // ***** T&L for remainder of packet
                    0x06, 0x0f, // ***** T&L for enterprise
                        0x2b, 0x06, 0x01, 0x04, 0x01,
                        //0x81, 0x88, 0x53, // encoding for 17491
                        0x82, 0xe7, 0x01, // encoding for 45953
                        0x01, 0x01, 0x02, 0x01, 0x02, 0x81, 0x49,
                    0x40, 0x04, // ***** T&L for agent IP address
                    0x0, 0x0, 0x0, 0x0, // agent IP address (will be filled in below)
                    0x02, 0x01, 0x01, // ***** generic trap (warmStart)
                    0x02, 0x01, 0x00, // ***** specific trap (0)
                    0x43, 0x01, 0x00, // ***** timestamp
                    0x30, 0x16, // ***** T&L for varbind 1
                        0x30, 0x14, // **** T&L for varbind 1 name
                            0x06, 0x0f, 0x2b, 0x06, 0x01, 0x04, 0x01,
                            //0x81, 0x88, 0x53, // encoding for 17491
                            0x82, 0xe7, 0x01, // encoding for 45953
                            0x01, 0x01, 0x02, 0x01, 0x02,
                            0x81, 0x49, // encoding for 201
                            0x02, 0x01, 0x01 // ***** varbind value (1)
    
        };
    

    Anyway, thanks to everyone who looked and helped.



  • @mzimmers OMG, that is sooooo ugly. God bless you man, for figuring it out. Hope it works for you.



  • @Kent-Dorfman heh...as bad as that is, I found it easier than trying to build an agent (or even a part of an agent). And (drumroll please)...to my mind, both are easier than figuring out how to write MIBs!

    SNMP is for machines, by machines. Humans need not apply.


Log in to reply